You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@cxf.apache.org by as...@apache.org on 2020/07/09 23:02:49 UTC
[cxf] 01/01: Merge branch 'master' into
feature/CXF-8099_mask_sensitive_logging_elements
This is an automated email from the ASF dual-hosted git repository.
ashakirin pushed a commit to branch feature/CXF-8099_mask_sensitive_logging_elements
in repository https://gitbox.apache.org/repos/asf/cxf.git
commit b8f66bb7c77125560d8d4091ac77258d79401613
Merge: a99ff2c 47a21d4
Author: ashakirin <49...@users.noreply.github.com>
AuthorDate: Fri Jul 10 01:02:15 2020 +0200
Merge branch 'master' into feature/CXF-8099_mask_sensitive_logging_elements
# Conflicts:
# rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
.../cxf/common/logging/RegexLoggingFilterTest.java | 3 +-
distribution/src/main/release/samples/pom.xml | 4 +-
.../karaf/features/src/main/resources/features.xml | 3 +-
parent/pom.xml | 19 +++--
pom.xml | 5 --
.../ext/logging/AbstractLoggingInterceptor.java | 3 +-
.../cxf/ext/logging/LoggingInInterceptor.java | 24 ++++++
rt/frontend/jaxrs/pom.xml | 4 +
.../apache/cxf/jaxrs/model/wadl/WadlGenerator.java | 14 ++--
.../cxf/jaxrs/model/wadl/WadlGeneratorTest.java | 8 +-
.../httpsignature/utils/SignatureHeaderUtils.java | 2 +-
rt/rs/security/oauth-parent/oauth2/pom.xml | 10 +--
.../grants/refresh/RefreshTokenGrantHandler.java | 2 +-
.../cxf/rs/security/oauth2/utils/OAuthUtils.java | 13 +++-
rt/rs/security/sso/oidc/pom.xml | 10 +--
.../apache/cxf/transport/jms/JMSDestination.java | 2 +-
.../jms/util/PollingMessageListenerContainer.java | 6 ++
.../org/apache/cxf/sts/service/StaticService.java | 24 ++++++
.../apache/cxf/sts/service/StaticServiceTest.java | 68 ++++++++++++++++
.../apache/cxf/systest/jaxrs/AtomBookStore.java | 3 +
.../apache/cxf/systest/jaxrs/AtomBookStore2.java | 3 +
.../apache/cxf/systest/jaxrs/AtomBookStore3.java | 3 +
.../cxf/systest/jaxws/JaxwsAsyncFailOverTest.java | 6 ++
...ncFailOverTest.java => JaxwsBasicAuthTest.java} | 86 ++++++++++++++-------
systests/rs-security/pom.xml | 16 ++--
.../grants/AuthorizationGrantNegativeTest.java | 46 +++++++++++
.../oauth2/grants/AuthorizationGrantTest.java | 45 +++++++++++
.../apache/cxf/systest/mtom/ClientMtomXopTest.java | 37 +++++++++
.../test/resources/\346\265\213\350\257\225.bmp" | Bin 0 -> 163166 bytes
.../cxf/tools/wadlto/jaxrs/SourceGenerator.java | 2 +-
.../cxf/tools/wadlto/jaxrs/JAXRSContainerTest.java | 22 ++++++
.../src/test/resources/wadl/bookstoreHyphen.xml | 46 +++++++++++
32 files changed, 454 insertions(+), 85 deletions(-)
diff --cc rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
index 104b6b4,7927359..e4375f8
--- a/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
+++ b/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/AbstractLoggingInterceptor.java
@@@ -39,8 -34,7 +39,7 @@@ public abstract class AbstractLoggingIn
public static final int DEFAULT_LIMIT = 48 * 1024;
public static final int DEFAULT_THRESHOLD = -1;
public static final String CONTENT_SUPPRESSED = "--- Content suppressed ---";
- private static final String LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
-
- protected static final String LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
++ protected static final String LIVE_LOGGING_PROP = "org.apache.cxf.logging.enable";
protected int limit = DEFAULT_LIMIT;
protected long threshold = DEFAULT_THRESHOLD;
protected boolean logBinary;
diff --cc rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
index c5da59d,a5ed555..73b72b2
--- a/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
+++ b/rt/features/logging/src/main/java/org/apache/cxf/ext/logging/LoggingInInterceptor.java
@@@ -64,9 -83,14 +83,14 @@@ public class LoggingInInterceptor exten
public void handleMessage(Message message) throws Fault {
if (isLoggingDisabledNow(message)) {
return;
+ } else {
+ //ensure only logging once for a certain message
+ //this can prevent message logging again when fault
+ //happen after PRE_INVOKE phase(rewind calls into LoggingInFaultInterceptor)
+ message.put(LIVE_LOGGING_PROP, Boolean.FALSE);
}
createExchangeId(message);
- final LogEvent event = eventMapper.map(message);
+ final LogEvent event = eventMapper.map(message, sensitiveProtocolHeaderMap);
if (shouldLogContent(event)) {
addContent(message, event);
} else {